mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-19 19:14:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

Updated attributes associated with encryption artifact.

Browse Source
This commit is contained in:
Jeff Wallace 2013-12-13 13:28:17 -05:00
parent 78d44473f8
commit 199c347a79
2 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Core/src/org/sleuthkit/autopsy/report/ReportGenerator.java
View File

@ -998,7 +998,7 @@ public class ReportGenerator {
columnHeaders = new ArrayList<>(Arrays.asList(new String[] {"Program Name", "Text", "Source File"})); columnHeaders = new ArrayList<>(Arrays.asList(new String[] {"Program Name", "Text", "Source File"}));
break; break;
case TSK_ENCRYPTION_DETECTED: case TSK_ENCRYPTION_DETECTED:
columnHeaders = new ArrayList<>(Arrays.asList(new String[] {"Program Name", "Entropy", "Source File"})); columnHeaders = new ArrayList<>(Arrays.asList(new String[] {"Name", "Source File"}));
break; break;
default: default:
return null; return null;
@ -1324,6 +1324,10 @@ public class ReportGenerator {
orderedRowData.add(mappedAttributes.get(ATTRIBUTE_TYPE.TSK_TEXT.getTypeID())); orderedRowData.add(mappedAttributes.get(ATTRIBUTE_TYPE.TSK_TEXT.getTypeID()));
orderedRowData.add(getFileUniquePath(getObjectID())); orderedRowData.add(getFileUniquePath(getObjectID()));
break; break;
case TSK_ENCRYPTION_DETECTED:
orderedRowData.add(mappedAttributes.get(ATTRIBUTE_TYPE.TSK_NAME.getTypeID()));
orderedRowData.add(getFileUniquePath(getObjectID()));
break;
} }
orderedRowData.add(makeCommaSeparatedList(getTags())); orderedRowData.add(makeCommaSeparatedList(getTags()));

6
SevenZip/src/org/sleuthkit/autopsy/sevenzip/SevenZipIngestModule.java
View File

@ -555,11 +555,7 @@ public final class SevenZipIngestModule extends IngestModuleAbstractFile {
String encryptionType = fullEncryption ? ENCRYPTION_FULL : ENCRYPTION_FILE_LEVEL; String encryptionType = fullEncryption ? ENCRYPTION_FULL : ENCRYPTION_FILE_LEVEL;
try { try {
BlackboardArtifact artifact = archiveFile.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_ENCRYPTION_DETECTED); BlackboardArtifact artifact = archiveFile.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_ENCRYPTION_DETECTED);
artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_ENCRYPTION_DETECTED.getTypeID(), artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_NAME.getTypeID(), MODULE_NAME, encryptionType));
MODULE_NAME, encryptionType));
//artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID(), MODULE_NAME, ...);
//artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_ENTROPY.getTypeID(), MODULE_NAME, ...);
//@@@ We don't fire here because GEN_INFO isn't displayed in the tree.... Need to address how these should be displayed
services.fireModuleDataEvent(new ModuleDataEvent(MODULE_NAME, BlackboardArtifact.ARTIFACT_TYPE.TSK_ENCRYPTION_DETECTED)); services.fireModuleDataEvent(new ModuleDataEvent(MODULE_NAME, BlackboardArtifact.ARTIFACT_TYPE.TSK_ENCRYPTION_DETECTED));
} catch (TskCoreException ex) { } catch (TskCoreException ex) {
logger.log(Level.SEVERE, "Error creating blackboard artifact for encryption detected for file: " + archiveFile, ex); logger.log(Level.SEVERE, "Error creating blackboard artifact for encryption detected for file: " + archiveFile, ex);